Debian installation on Magnia SG20: Difference between revisions

Image available

Not yet but soon... The root password will be set to "toshibasg20"

What this server will be used for

The primary function is to implement an asterisk phone system. Beyond that I'd like to set up a web-based system for tracking volunteer hours. I have an idea that volunteers will be able to log in and out either via Web page or phone, and when they are logged in they can receive phone calls on the phone they logged in on. When they are logged out they can receive voice mail messages. A web page will show who is logged in and where.

• Phone system - Asterisk
• Intranet Web server - cherokee with php
• Database? - I will avoid needing one. A DBMS will generate too much uncontrolled disk i/o.
• File and print services - Samba
• System management - Webmin, openvpn, ddclient

Webmin will be used locally by staff to perform simple administrative operations. Openvpn will be set up so that I can get secure remote access to the server from my home. Using Openvpn means I will have to set up dynamic dns updates so I will install ddclient.

Booting from Compact Flash

To make a bootable CF card, refer to this "how-to" http://thinstation.sourceforge.net/CF-HOWTO.html

I tried to make a simple EXT2 boot partition but failed; I can create and use EXT2 partitions with my USB card reader but when I put the CF card into its CF-IDE adapter the target system cannot access the EXT2 partition.

Apparently the way to go is to have one partition formatted as it comes from the factory with a FAT filesystem; then you put a JFFS2 filesystem loaded with Debian inside the DOS filesystem.

The kernel goes into the FAT filesystem. Then you can boot with a SYSLINUX [1] bootloader.

This is spelled out in "Debian on Flash" http://www.aweiler.com/linux/debianonflash.html

See also the RootSync project: http://wiki.debian.org/RootSync

Initial installation

The first step is to build a VMware machine.

By using a VMware machine I greatly reduce the amount of work on the Magnia; I build up the image and test it, refine it, finally then I copy it to the compact flash and try booting the Magnia.

If the Magnia does not boot ("Working..." on LCD) then I configure it to PXEboot and boot it from my network server, and check the log files on the hard drive to see what went wrong.

I downloaded the 180 MB ISO image for Debian 5 from http://us.debian.org/ and I created a VMware machine with:

• "Other Linux with 2.6 kernel"
• 512 MB of RAM
• 1 GB IDE drive - this is the image that will be transferred to Compact Flash.
• 8 GB IDE drive - this image will be transferred to a hard drive
• 2 network interfaces

I booted from the ISO image and installed a basic Debian image. I accepted most defaults.

• Time zone - Pacific
• Partitioning - see above section on booting from CF
• Filesystem changed from 'EXT3 journalled' to EXT2
• Use archive at osuosl.org
• "Standard" installation (I want to decide what packages to install later.)

The CF will be mounted read-only most of the time to increase its longevity. Therefore I don't want a swap space on the CF drive and I don't want journalling on the CF drive.

I am assuming there will be a CF adapter in IDE slot 0 and a 2.5" drive in IDE slot 1 The system will spin down the hard drive when it is not in use. I will do everything I can to minimize hits on this drive to prolong its lifespan.

Debian Packages

After the initial install, 504 MB of disk space were in use. The space usage as configure below is about 550 MB. With a little bit of work you could shave it down to fit on a 512MB flash card. I'd rather just spend $5 extra on the flash card and not have to skimp.

I added packages, cleaned things up, and rebooted.

apt-get install asterisk festival samba ntpdate
apt-get install cherokee php5-cgi
apt-get --purge remove bind9-host
apt-get install openssh-server rsync 
apt-get install openvpn ddclient dnsmasq shorewall
apt-get install hdparm smartmontools lm-sensors
# (I can't live without emacs but you probably can.)
apt-get install emacs22-nox
# These are needed for building the CF image
apt-get install mtd-tools funionfs
reboot 

On reboot I noticed NFS file sharing was enabled. I removed the packages. I don't like exim4 email so I removed that and replaced it with postfix.

apt-get --purge remove exim4 portmap nfs-common
apt-get install postfix

I chose "no configuration" for postfix, I will set it up myself later. I used the autoremove and clean commands to get rid of the unneeded packages and to empty the package cache.

apt-get autoremove
apt-get clean

Hard disk set up

I wanted the second hard drive to be a physical drive, not a CF card, so that it can be used to store data files, voice mail, etc.

So I added an 8GB hard drive to the virtual machine and moved the /var partition over there. I created two partitions on the hard drive. The first is swap space. The second will be /var. I moved the home directory tree and made a symlink for convenience; you could create a separate partition for home. I don't plan to have any normal user accounts on this system so I don't feel it needs to be a separate space.

telinit 1
fdisk /dev/hdb
mkswap /dev/hdb1
mke2fs -j /dev/hdb2
mount /dev/hdb1 /mnt
cd /var
tar cf - * | (cd /mnt; tar xpf -)

Add a line to /etc/fstab to mount the new /var partition

echo "/dev/hdb1 swap swap defaults 0 0" >> /etc/fstab
echo "/dev/hdb2 /var ext3 defaults 0 0" >> /etc/fstab

Make sure things are still working

reboot

Moving home directory and creating a symlink

cd /var
mkdir home
mv /home/* home
cd /
rmdir home
ln -s var/home

Moving tmp to /var/tmp

cd /
tar cf - tmp | (cd /var; tar xpvf -)
rm -rf tmp
ln -s var/tmp

Reducing disk access

Swap space is in the hard disk but hopefully seldom is ever used. We should have enough RAM to run everything without any paging.

Setting disk spin down

You can set this in either /etc/default or /etc/hdparm.conf. Review the options in 'man hdparm'.

I do something different, I use crontab settings that spin down sooner at night and not at often during daytime hours when we are more likely to have users and phone calls. In /etc/crontab I add this

# During the day spin down hard drive after 90 minutes inactivity
0 7   * * *   root   hdparm -S 243 /dev/hdb
# At night spin down hard drive after 20 minutes idle time
0 20  * * *   root   hdparm -S 240 /dev/hdb

Note that this does not take effect until the time has been reached so every reboot the drive will stay on continuously until 7am or 8pm -- probably not a bad thing. You can also set up /etc/default/hdparm to get around this.

Logging

Turn down logging. Normally I like servers to log lots of information but on this machine I want minimal logging because every write causes the disk to spin up.

Debian 5 no longer uses tried and true syslog daemon. It is now called rsyslog. You edit the /etc/rsyslog.conf file to adjust logging.

I change references to /dev/xconsole to /dev/tty so that messages pop up on the screen when I am logged in via ssh.

I changed /etc/logrotate.conf and /etc/logrotate.d/* settings to rotate only 1 file not 4-7 as is the default.

Using a RAM disk

need to do more work here Should /var/run be on a RAM disk? /var/lock?

Other software

Webmin

If you want to use webmin then you need to manually install some prerequisite packages and then download the webmin package from the webmin site (it's not part of Debian distribution anymore.)

cd /var/tmp
apt-get install libauthen-pam-perl libio-pty-perl libmd5-perl
wget http://prdownloads.sourceforge.net/webadmin/webmin_1.450_all.deb
dpkg --install webmin*
rm webmin*deb

LCD program

I added the SG20 lcd program; see Magnia LCD for details.

Configuration

I don't want to cover all the configuration details here except to say that you should set up the configuration on the VMWare machine for some of the software packages so that you don't need to deal with it on the CF card.

The most important thing to deal with is the network settings. You have to get the network set up correctly before moving everything to the Magnia, else you won't be able to connect to it at all.

Network settings

You should set an appropriate name and domain in /etc/hosts and /etc/hostname and /etc/resolv.conf

You probably want static IP addresses if this is a server. You should change /etc/network/interfaces.

Controlling ordering of ethernet interfaces

Debian 5 does not appear to be messing around with eth0/eth1 naming rules as Ubuntu does (in /etc/udev/rules.d/70-persistent-net.rules) so I am going to try foregoing that set up and see if it works in the real hardware.

(On Ubuntu the udev system locks MAC numbers to eth0/eth1 when you set up on VMware the first time, then when you move to the Toshiba the interfaces come up as eth2/eth3, ignoring the settings in /etc/network/interfaces and making the system unreachable.)

The /etc/network/interfaces file looks like this

#This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
# The 7 port Ethernet switch
allow-hotplug eth0
iface eth0 inet static
      address 192.168.123.123
      netmask 255.255.255.0
      # If not in use as a firewall
      gateway 192.168.123.1

# The WAN interface (if used as a firewall)
# On DHCP so it can get an address from the ISP
allow-hotplug eth1
iface eth1 inet dhcp

Other configuration settings

These are installed and configured. You might want to adjust them for your own preferences. You should generate new ssh keys for your system.

• ssh
• webmin

I have installed these packages which implement various services but turned them off and left them unconfigured. Webmin and ssh are running.

• asterisk - which will be very different for every installation
• openvpn
• samba - I don't even know if I want this on my server but it is installed.
• cherokee
• postfix

These packages are not run as daemons, and they are configured.

• hdparm (we already configured it this above)
• ntpdate: I use ntpdate to set the system time once a day from a script in /etc/cron.daily called setclock which has just this line in it: "ntpdate -b -s time-nw.nist.gov" Having it run at boot time is annoying if you don't have a working Internet connection - ntpdate has to timeout before the boot process can complete, adding about a minute to your boot times.

To turn off the services I used this command (for instance for samba):

update-rc.d -f samba remove

To turn a package on at boot time, do this

update-rc.d samba defaults

Read-only mode

At some point you can test the configuration to see if you can operate with the root filesystem in read only mode. The command to switchover is

mount -o ro,remount /dev/hda /

You cannot see that the drive is read-only using the mount command because it's read-only! (The mount command cannot update the file /etc/mtab which is where it keeps the information you get from the mount command...) You can do something like this though to prove to yourself the file system is really in read-only mode:

touch /etc/foo

which should give you an error saying the file system is read-only. To make the change sticky, add the ro option to the / line in /etc/fstab

Hardware additions

USB card

The SG20 does not have any serial port or USB ports so I have added a PCMCIA USB 2.0 card to get 4 USB ports. I got the card on Ebay.

External sound system

My Chintimini application calls for being able to hear incoming phone calls on a speaker. I am not sure how to do that yet. USB speaker? USB audio interface? I can get a USB to audio adapter for about $20.

FXO phone line

The Asterisk system should be connected to a standard PSTN analog phone line so that CWC can continue to use its PSTN phone number for incoming calls. That means I need an "FXO" interface. Normally I would use a Digium X100P card (about $20 on Ebay) but the SG20 does not have a PCI slot.

I will probably use an external box, Either a ZOOM or a Grandstream Handy Tone 503. These devices have an FXO interface, one or two FXS interfaces (where you can connect an analog phone or FAX machine) and an ethernet interface.

More on this aspect later... probably will move it to a separate page since it's not really a Debian thing.

Transferring image to CF card

My USB card reader is just flaky, I should get a new one I guess. I could use it to copy to the card directly but it was dying 1/2 through. So instead I make a backup of each filesystem to tar files on the host machine.

On the Debian 5 virtual machine I do this:

# Boot using the systemrescue iso image, so the filesystem is quiet.
# Mount the CF partitions
mkdir /tmp/boot; mount /dev/sda1 /tmp/boot
mkdir /tmp/root; mount /dev/sda2 /tmp/root
# Copy to host system
cd /tmp/boot
tar cf - * | (ssh 192.168.123.1 'cat > /home/bwilson/Toshiba/boot.tar')
cd /tmp/root
tar cf - * | (ssh 192.168.123.1 'cat > /home/bwilson/Toshiba/root.tar')

Now I can copy the contents of the tar files to CF using the CFIDE interface on a test (real) PC machine. That way I can test the CF card before (finally!) moving it to the Toshiba.

On the target machine I boot from its own hard drive and mount the CF card like this

# If the card does not already have a boot sector on it
cat /usr/share/syslinux/mbr.bin > /dev/sdc

# Set up DOS and Linux partitions on the CF card.
fdisk /dev/sdc

mkfs.msdos /dev/sdc1
mke2fs /dev/sdc2

mount /dev/sdc2 /mnt
cd /mnt
tar xf root.tar
mkdir boot
mount /dev/sdc1 /mnt/boot
cd boot
tar xf boot.tar